The blog for those involved in managing windows servers , Specially for small to medium business

Monday, January 31, 2011

Replacing Registry hives

There are 5 registry hives , Namely

SAM – Security accounts manager

System

Software

Default

Security

These are located in c:\windows\system32\config

When a system state backup is run on the computer, these hives are backed up and stored in c:\windows\repair.

If you made a change to the system or installed a new software , the server may go into a no-boot situation. This procedure is also helpful when your registry is corrupt. You may receive error on these lines:

“Windows could not start because the following file is missing or corrupt: \WINDOWS\SYSTEM32\CONFIG\SOFTWARE or SYSTEM or its log.”

It is important to note that , once you have replaced the hives, your system will be pushed back to the configuration when you took the last backup. If you are not sure when you took the last backup, you must check the date on files in c:\windows\repair .

If you have not performed a backup since you promoted the server to Domain Controller, Do not use this procedure.

It is also possible to only replace one hive at a time , but since the hives are related , I would suggest replacing all in one go.

Steps to Follow

Boot with the Windows CD and go to recovery console

You need to enter the password , this is the first password that was entered when setting up the computer

type the following commands

cd windows

cd system32

cd config

This will take you to the following path

c:\windows\system32\config>

Now we need to rename the existing hives to .old so we can replace them with ones from repair folder

Run the following commands to rename the hives

ren system system.old

ren software software.old

ren sam sam.old

ren default default.old

ren security security.old

Once this is done , Navigate to c:\windows\repair , to do that , run these commands

cd ..

cd ..

cd repair

Once you are at c:\windows\repair>

run these commands to copy hives from repair folder to config folder

copy software c:\windows\system32\config

copy system c:\windows\system32\config

copy sam c:\windows\system32\config

copy default c:\windows\system32\config

copy security c:\windows\system32\config

Reboot the server to normal mode

If this does not work for you and you want to revert the changes, rename the files you copied from repair folder to hivename.old1 and rename the hivename.old in config folder to hivename